Bullying & the Enterprise

The tragic story of Megan Meier, the 13-year-old who committed suicide as the result of a particularly nasty personal attack, brought attention to cyber bullying on a massive scale. It’s time we considered what this focus on cyber bullying will do over time to the laws surrounding Internet activity and cyber bullying in general.

Some companies are aggressively looking at employees' email and monitoring their Web activities, at least while the employees are at work. But most are not.

Whether we believe it occurs regularly in our own companies or not, this activity may affect as much as 70 percent of children. As these children become adults and move into the workforce, cyber bullying is likely only going to increase. Existing laws surrounding harassment appear to not be up to the task of preventing these activities, and the outcome is potentially as bad as it was with harassment before many of our firms adopted zero-tolerance policies.

As it was with harassment, there will likely be a number of high-profile cases and extremely large awards, which will precede the wave of policy changes that inevitably will emerge as a result. But there is also the likelihood that the person being bullied will respond violently rather than legally. (Given that I was just blocks from the Electromagnetic Systems Labs [ESL] shooting spree in Sunnyvale, Calif., years ago, and nearly caught in a similar situation personally, I can say with some certainty that we need to ensure that outcome does not happen in our own companies.)

Most firms will likely wait until a major violent event or legal event occurs before they respond to this new threat. But I think it’s wise to get ahead of this problem and forestall this behavior now.

Harassment in any form should be unacceptable, and for an employee using company resources to carry out this harassment, the response should be as strong as what it would be if they did the same thing in the physical space.

This is not simply to protect your employees, but also to protect your brand and the survival of the company. As we saw with ESL, when a major problem results, it can hurt a company – whether from just the trauma or from the amount of litigation that can overwhelm the insurance protection.

Many organizations sample email today, but few have solid policies on what people do in chat rooms, nor do they do more than make sure employees aren’t going to porn sites. Cisco, the leading expert in networking, was recently badly embarrassed by an attorney who was simply expressing an opinion that Cisco likely shared – but did so using a false identity. This created some presumably expensive legal exposure for the firm, but it's almost insignificant compared with the potential for harm by cyber bullies using company resources for their attacks.

Suggested policies/practices
All sites and activities should be sampled, particularly where the employee is representing himself anonymously – that activity should have the express approval of management if it is performed on company resources.

If someone is posting on the company’s time or equipment, they should do so with the understanding of full accountability of their actions, and not under the cover of anonymity. If he or she is caught doing something damaging to the company, then a punishment appropriate to the action must be applied by policy. HR policies and zero-tolerance should apply, regardless of medium.

And even if an employee is posting on his own equipment and on his personal time, he should be made aware that inappropriate behavior may result in the termination of his employment.

Finally, we should look at companies like IBM Corp. (NYSE: IBM) and Disney for guidance on how employees should behave. Too many executives seem to think that what they do at night or on their own time is somehow protected. In a world where most everyone has a camera, and every action, particularly on the Web, is tracked by someone, you can’t remain anonymous. Disney trains its employees to apply the on-stage litmus test to whenever they are in a public place. This concept should apply to the Web and be part of your regular employee training.

Much of what I’m suggesting here likely falls under existing rules the company already has, but isn’t broadly enforced. Just remember: Pedophiles and cyber bullies work for someone, so make sure they don’t work for you.

— Rob Enderle is President and Founder of Enderle Group . Special to Dark Reading.